Phishing is the fraudulent process of
attempting to acquire sensitive information such as usernames, passwords and
credit card details by masquerading as a trustworthy entity in an electronic
There has been a recent series of Phishing
emails to CWRU users urging recipients to click on a weblink in order to keep
their accounts open. These links take users to official-looking but fraudulent
imitations of the CWRU Single Sign-On page, hosted on non-CWRU-owned web
Before clicking any weblink, hover (but don't click) the mouse pointer over the
link to reveal the real Web address.
Depending on your browser, it may appear as a pop-up near your mouse pointer or
at the lower-left corner of your browser window. If you have already clicked
the link, check the address bar to verify that the page you are on matches the
text of the link you clicked.
CWRU Information Technology Services (ITS) does send notifications to users
when passwords need to be changed to comply with the 365-day password age
policy. Those notification emails intentionally contain no links; we
request that users contact the ITS Help Desk for direction to the authoritative
account management pages. You should NEVER enter your CWRU account credentials
into a page outside the case.edu domain.
If you have additional questions about phishing, please
contact the ITS Help Desk (216)